ipfilter v4.1.8 && UDP (OpenVPN)

Hi,

With one of our firewall systems (FreeBSD with IPF) I have the
problem that the OpenVPN tunnel is coming up but is not useable
for heavy traffic (i.e. ping is fine and telnet as well through
the tunnel, but fetching a page with a browser does not work);

in /var/log/messages I see lines like this:

Mar 2 15:09:21 firewall ipmon[167]: 15:09:21.028708 xl1 @0:37 p xxx.xxx.xxx.xxx,4675 -> 10.0.1.202,nnnn PR udp len 20 105 K-S IN
Mar 2 15:09:21 firewall ipmon[167]: 15:09:21.451231 xl1 @0:93 b 10.0.1.202 -> xxx.xxx.xxx.xxx PR udp len 20 (41) (frag 65054:21@1432) OUT

Mar 2 15:09:44 firewall ipmon[167]: 15:09:44.399168 xl1 @0:37 p xxx.xxx.xxx.xxx,4675 -> 10.0.1.202,nnnn PR udp len 20 129 K-S IN
Mar 2 15:10:10 firewall ipmon[167]: 15:10:09.236539 xl1 @0:93 b 10.0.1.202 -> xxx.xxx.xxx.xxx PR udp len 20 (41) (frag 950:21@1432) OUT

i.e. NAT passes the UDP to the OpenVPN-server at 10.0.1.202,nnnn,
but later traffic from 10.0.1.202 is blocked by the default
blocking rule (93); what does this 'frag 65054:21@1432' means?

thx

matthias
--
Matthias Apitz
Manager Technical Support - OCLC PICA GmbH
Gruenwalder Weg 28g - 82041 Oberhaching - Germany
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e <m.apitz@oclcpica.org> - w http://www.oclcpica.org/ http://guru.UnixLand.de/
b http://gurucubano.blogspot.com/
OCLC PICA GmbH, Geschaeftsfuehrer: Christine Magin-Weeger, Norbert Weinberger
Sitz der Gesellschaft: Oberhaching, HRB Muenchen: 113261